Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/i2kyf4VrkfTD6zYL04bY_A9vrWg.roa
File: i2kyf4VrkfTD6zYL04bY_A9vrWg.roa (raw, json)
Hash identifier: cLgMAtWw1BlIm0eSChwH2eV7MRN/Fhh5//oOp5Aim7E=
Subject key identifier: 8B:69:32:7F:85:6B:91:F4:C3:EB:36:0B:D3:86:D8:FC:0F:6F:AD:68
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 0B0D70B8
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/i2kyf4VrkfTD6zYL04bY_A9vrWg.roa
Signing time: Wed 25 May 2022 09:29:34 +0000
ROA not before: Wed 25 May 2022 09:29:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210443
IP address blocks: 89.117.70.0/23 maxlen: 24
89.117.94.0/23 maxlen: 24
89.117.102.0/23 maxlen: 24
89.117.116.0/23 maxlen: 24
89.117.12.0/23 maxlen: 24
89.117.32.0/23 maxlen: 24
89.117.36.0/23 maxlen: 24
89.117.64.0/22 maxlen: 24
89.117.188.0/24 maxlen: 24
89.117.190.0/24 maxlen: 24
89.117.222.0/24 maxlen: 24
89.117.139.0/24 maxlen: 24
89.117.158.0/23 maxlen: 24
89.117.160.0/22 maxlen: 24
86.38.246.0/23 maxlen: 24
89.116.108.0/24 maxlen: 24
89.116.106.0/23 maxlen: 24
89.116.125.0/24 maxlen: 24
89.116.130.0/23 maxlen: 24
89.116.126.0/23 maxlen: 24
89.116.132.0/24 maxlen: 24
89.116.128.0/24 maxlen: 24
89.116.137.0/24 maxlen: 24
89.116.135.0/24 maxlen: 24
89.116.141.0/24 maxlen: 24
89.116.148.0/23 maxlen: 24
89.116.150.0/24 maxlen: 24
89.116.153.0/24 maxlen: 24
89.116.154.0/24 maxlen: 24
89.116.58.0/23 maxlen: 24
86.38.202.0/23 maxlen: 24
89.116.68.0/23 maxlen: 24
89.116.88.0/23 maxlen: 24
89.116.92.0/24 maxlen: 24
89.116.252.0/24 maxlen: 24
89.116.253.0/24 maxlen: 24
89.116.255.0/24 maxlen: 24
89.117.8.0/23 maxlen: 24
89.116.163.0/24 maxlen: 24
89.116.161.0/24 maxlen: 24
89.116.166.0/24 maxlen: 24
89.116.179.0/24 maxlen: 24
89.116.184.0/23 maxlen: 24
89.116.186.0/24 maxlen: 24
89.116.189.0/24 maxlen: 24
89.116.190.0/24 maxlen: 24
89.116.210.0/23 maxlen: 24
86.38.178.0/23 maxlen: 24
86.38.186.0/23 maxlen: 24
86.38.184.0/23 maxlen: 24
89.117.228.0/23 maxlen: 24
89.117.245.0/24 maxlen: 24
89.117.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 185430200 (0xb0d70b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: May 25 09:29:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b69327f856b91f4c3eb360bd386d8fc0f6fad68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b8:12:79:69:1b:61:27:99:5a:b7:d3:d0:1d:
15:ad:04:29:9e:81:cf:9e:70:52:b9:44:54:cc:4c:
43:ec:28:a0:75:9b:74:17:15:ba:c2:ea:c8:db:3c:
aa:44:40:ca:6a:2b:36:a3:ea:03:2f:8a:ab:9a:4c:
e7:33:db:e9:96:62:f4:15:7e:e0:07:fa:9c:bf:72:
85:a9:9d:d9:70:c8:3b:e6:6a:79:80:28:97:c7:86:
d5:94:6d:ff:c2:d8:2a:7b:d4:5c:3e:45:82:c0:35:
81:c5:0a:e0:2d:42:1b:84:78:8f:d2:13:de:a0:4d:
c1:97:75:7a:f1:2b:f4:d6:ba:b3:65:91:38:01:85:
8b:03:e9:d1:9d:12:fc:11:b0:6d:2c:76:a2:28:2b:
06:61:47:22:f0:f7:90:2f:d0:28:77:04:8b:62:2d:
f0:11:54:f6:ce:fc:6d:07:e1:3a:4f:75:ba:d8:c2:
d0:84:b6:64:16:fb:45:ef:1a:a0:7b:33:74:b4:41:
6d:c6:bb:31:fd:1a:40:46:92:c9:e7:e2:2d:be:7c:
e6:03:ad:23:17:a6:b1:db:ee:c5:e2:c8:15:a6:18:
8e:f9:cd:d9:68:8b:ea:5f:f9:dd:90:89:a4:c2:72:
d6:62:11:46:99:63:34:55:17:2b:2c:af:32:80:5c:
f8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:69:32:7F:85:6B:91:F4:C3:EB:36:0B:D3:86:D8:FC:0F:6F:AD:68
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/i2kyf4VrkfTD6zYL04bY_A9vrWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.178.0/23
86.38.184.0/22
86.38.202.0/23
86.38.246.0/23
89.116.58.0/23
89.116.68.0/23
89.116.88.0/23
89.116.92.0/24
89.116.106.0-89.116.108.255
89.116.125.0-89.116.128.255
89.116.130.0-89.116.132.255
89.116.135.0/24
89.116.137.0/24
89.116.141.0/24
89.116.148.0-89.116.150.255
89.116.153.0-89.116.154.255
89.116.161.0/24
89.116.163.0/24
89.116.166.0/24
89.116.179.0/24
89.116.184.0-89.116.186.255
89.116.189.0-89.116.190.255
89.116.210.0/23
89.116.252.0/23
89.116.255.0/24
89.117.8.0/23
89.117.12.0/23
89.117.32.0/23
89.117.36.0/23
89.117.64.0/22
89.117.70.0/23
89.117.94.0/23
89.117.102.0/23
89.117.116.0/23
89.117.139.0/24
89.117.158.0-89.117.163.255
89.117.188.0/24
89.117.190.0/24
89.117.222.0/24
89.117.228.0/23
89.117.245.0/24
89.117.250.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:7e:93:dc:b3:69:43:1e:a3:2e:5d:6e:42:52:75:30:86:a9:
17:29:b8:e2:7a:88:05:b1:ff:1c:6b:57:df:0c:91:37:cd:a4:
08:88:12:0d:fc:e4:50:dd:2b:7c:d4:0b:3b:4e:9e:e3:d0:b4:
37:72:07:f5:1b:67:46:54:18:7f:dc:93:ff:7a:50:ea:0d:02:
df:24:45:eb:af:12:2f:12:bc:f8:f6:7f:83:be:ec:5b:fb:5f:
dd:dd:cd:eb:47:3a:a7:0d:b4:0f:9a:e1:c6:f8:33:b5:80:5e:
8b:c7:15:9e:60:22:74:da:93:21:55:63:16:36:e1:63:12:32:
b3:a2:ce:07:6a:69:84:d1:ae:b1:eb:c3:2d:ce:18:5d:e0:cb:
66:ba:bb:f4:b8:67:7d:de:ca:23:c6:23:98:65:1d:07:f6:db:
8a:59:98:97:4f:3a:78:c0:21:49:f1:97:0a:fd:d3:55:47:61:
da:5e:a8:2f:7d:de:62:1f:98:de:64:3d:e1:ab:74:5a:01:ee:
8f:24:ff:3a:1c:98:76:b7:b1:fc:4b:a1:f1:e1:8b:08:34:0d:
51:2a:80:02:38:6e:b0:7f:1e:f3:c3:cc:ee:ff:d9:86:e9:9d:
bd:e1:9e:45:07:a2:4f:f1:6d:23:5f:6c:17:14:f0:bd:8c:b8:
a0:98:02:48
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIECw1wuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDUy
NTA5MjkzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGI2OTMyN2Y4NTZi
OTFmNGMzZWIzNjBiZDM4NmQ4ZmMwZjZmYWQ2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJi4EnlpG2EnmVq309AdFa0EKZ6Bz55wUrlEVMxMQ+wooHWb
dBcVusLqyNs8qkRAymorNqPqAy+Kq5pM5zPb6ZZi9BV+4Af6nL9yhamd2XDIO+Zq
eYAol8eG1ZRt/8LYKnvUXD5FgsA1gcUK4C1CG4R4j9IT3qBNwZd1evEr9Na6s2WR
OAGFiwPp0Z0S/BGwbSx2oigrBmFHIvD3kC/QKHcEi2It8BFU9s78bQfhOk91utjC
0IS2ZBb7Re8aoHszdLRBbca7Mf0aQEaSyefiLb585gOtIxemsdvuxeLIFaYYjvnN
2WiL6l/53ZCJpMJy1mIRRpljNFUXKyyvMoBc+PECAwEAAaOCA0kwggNFMB0GA1Ud
DgQWBBSLaTJ/hWuR9MPrNgvThtj8D2+taDAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L2kya3lmNFZya2ZURDZ6WUwwNGJZX0E5dnJXZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AV0GCCsGAQUFBwEHAQH/BIIBTDCCAUgwggFEBAIAATCCATwDBAFWJrIDBAJWJrgD
BAFWJsoDBAFWJvYDBAFZdDoDBAFZdEQDBAFZdFgDBABZdFwwDAMEAVl0agMEAFl0
bDAMAwQAWXR9AwQAWXSAMAwDBAFZdIIDBABZdIQDBABZdIcDBABZdIkDBABZdI0w
DAMEAll0lAMEAFl0ljAMAwQAWXSZAwQAWXSaAwQAWXShAwQAWXSjAwQAWXSmAwQA
WXSzMAwDBANZdLgDBABZdLowDAMEAFl0vQMEAFl0vgMEAVl00gMEAVl0/AMEAFl0
/wMEAVl1CAMEAVl1DAMEAVl1IAMEAVl1JAMEAll1QAMEAVl1RgMEAVl1XgMEAVl1
ZgMEAVl1dAMEAFl1izAMAwQBWXWeAwQCWXWgAwQAWXW8AwQAWXW+AwQAWXXeAwQB
WXXkAwQAWXX1AwQAWXX6MA0GCSqGSIb3DQEBCwUAA4IBAQBNfpPcs2lDHqMuXW5C
UnUwhqkXKbjieogFsf8ca1ffDJE3zaQIiBIN/ORQ3St81As7Tp7j0LQ3cgf1G2dG
VBh/3JP/elDqDQLfJEXrrxIvErz49n+Dvuxb+1/d3c3rRzqnDbQPmuHG+DO1gF6L
xxWeYCJ02pMhVWMWNuFjEjKzos4HammE0a6x68Mtzhhd4Mtmurv0uGd93sojxiOY
ZR0H9tuKWZiXTzp4wCFJ8ZcK/dNVR2HaXqgvfd5iH5jeZD3hq3RaAe6PJP86HJh2
t7H8S6Hx4YsINA1RKoACOG6wfx7zw8zu/9mG6Z294Z5FB6JP8W0jX2wXFPC9jLig
mAJI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:25 2023 by rpki-client on console-fra.rpki-client.org